Vulnerabilities in Word Press plugins according to CVE
Malicious Word Press plugins
Either designed to compromise the victim at the first place or containing serious security flaws as a result of bad testing, such plugins are used for spamming, malicious re-directions, drive by download attacks and other malicious activity.
Known vulnerabilities in Word Press plugins
|Search CVE and CCE Vulnerability Database|
|Vulnerabilities in Word Press plugins. Search results for last 3 months.|
How to avoid vulnerable or malicious Word Press plugins?
- So spend some time reading about plugin that you're interested in and user reviews.
- Go to plugin home page and see who developed it.
- Do the search in CVE for this plugin to make sure there no known/ open vulnerabilities. Such awareness will save you from headache of dealing with malware consequences later. And it won't cost you money.
- Use vulnerability scanners, such as GamaSec to check your website and to receive report with issues that can be fixed.